CVE-2001-1556

medium

Apache

CVSS v3 Base Score

5.0

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS Score

1.8%

Exploitation probability in 30 days

Top 17% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

None

Integrity

Availability

None

Published: December 31, 2001 (8900 days ago)

Last Modified: April 16, 2026

Vendor: Apache

Source: NVD

Description

The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.

CWE

CWE-532

Affected Products

apache http server

References

🔗 archives.neohapsis.com 🔗 httpd.apache.org 🔗 www.iss.net 🔗 archives.neohapsis.com 🔗 httpd.apache.org

CVE-2001-1556

Vulnerability Report

Description

CWE

Affected Products

References